login.microsoftonline.com.office.o365rp2.betagro.myshn.net
18.204.181.83 Malicious Activity! Public Scan

Submitted URL: http://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Effective URL: https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Submission: On July 12 via manual from CN — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 13 HTTP transactions. The main IP is 18.204.181.83, located in Ashburn, United States, and belongs to AMAZON-AES, US. The main domain is login.microsoftonline.com.office.o365rp2.betagro.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on December 6th 2022. Valid for: a year.
This is the only time login.microsoftonline.com.office.o365rp2.betagro.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 13 52.45.101.92 14618 (AMAZON-AES)
1 18.204.181.83 14618 (AMAZON-AES)
13 2
Domain Requested by
12 aadcdn.msauth.net.office.o365rp2.betagro.myshn.net login.microsoftonline.com.office.o365rp2.betagro.myshn.net
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net
2 login.microsoftonline.com.office.o365rp2.betagro.myshn.net 1 redirects
13 2
Subject Issuer Validity Valid
office.o365rp2.betagro.myshn.net
GlobalSign RSA OV SSL CA 2018
2022-12-06 -
2024-01-07
a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Frame ID: 5DF957A6526528AEEFB6C330A9900AFD
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Bei Ihrem Konto anmelden

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

274 kB
Transfer

911 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https HTTP 302
    https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request authorize
login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/
Redirect Chain
  • http://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
  • https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
21 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.204.181.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-181-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ad897acc10e58fc5fe3cfa2dea54075def64b26a7b2fd5726208971f6a0b883f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8351
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Jul 2023 08:18:50 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server
2.1.15771.4 - SCUS ProdSlices
x-ms-request-id
2fcf9619-e641-468b-bed6-536c99f61400

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 12 Jul 2023 08:18:49 GMT
Location
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net:443/organizations/oauth2/v2.0/authorize?redirect_uri=https
Server
nginx
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
client-request-id
a1364196-7d47-4d1d-824a-9348e9faa128
converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/ests/2.1/content/cdnbundles/
108 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by
Host: login.microsoftonline.com.office.o365rp2.betagro.myshn.net
URL: https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
Origin
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:51 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
20105
x-ms-lease-status
unlocked
Last-Modified
Wed, 17 May 2023 19:54:03 GMT
Server
nginx
ETag
0x8DB5710770A6D5D
x-azure-ref
20230712T081851Z-xrtbawphux775d6myq41ym4a5n00000003ag00000002ddtv
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
ebc4a70d-701e-0020-3774-b0a640000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/
335 KB
93 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
Requested by
Host: login.microsoftonline.com.office.o365rp2.betagro.myshn.net
URL: https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
727a73ded2e7f93a51446d9c28479155b7b2e67ccfe1873e731a655ef957e845

Request headers

Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
Origin
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:51 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
94551
x-ms-lease-status
unlocked
Last-Modified
Fri, 16 Jun 2023 19:52:19 GMT
Server
nginx
ETag
0x8DB6EA331813ED0
x-azure-ref
20230712T081851Z-gctt734k5x1093bcsexvcuk76s00000001v0000000007zcv
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
df17ddc6-e01e-0049-2017-b19771000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
ux.converged.error.strings-de.min_su8gb3w61kbz8tmhroexew2.js
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/ests/2.1/content/cdnbundles/
31 KB
12 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/ests/2.1/content/cdnbundles/ux.converged.error.strings-de.min_su8gb3w61kbz8tmhroexew2.js
Requested by
Host: login.microsoftonline.com.office.o365rp2.betagro.myshn.net
URL: https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
00511c6ee2f06bb20ed0b3a58710d7643d9b681e062d61cfd605e3d6a7f197a8

Request headers

Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
Origin
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:51 GMT
Content-Encoding
gzip
X-Cache
TCP_MISS
Connection
keep-alive
Content-Length
11107
x-ms-lease-status
unlocked
Last-Modified
Thu, 15 Jun 2023 07:27:56 GMT
Server
nginx
ETag
0x8DB6D720A0191C3
x-azure-ref
20230712T081851Z-vzauspufet6m37vf2d2m3s0fgw00000003f0000000017s2q
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
920a8994-501e-005a-3b99-b45a55000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
convergederror_customizationloader_b22f20662f830efc7a8f.js
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/asyncchunk/convergederror_customizationloader_b22f20662f830efc7a8f.js
Requested by
Host: aadcdn.msauth.net.office.o365rp2.betagro.myshn.net
URL: https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e207c50bf3a48bbf3ac8f514b3240ff7861941c4dc3552a374c46d1a375b9048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:51 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
32257
x-ms-lease-status
unlocked
Last-Modified
Tue, 25 Apr 2023 04:25:37 GMT
Server
nginx
ETag
0x8DB45451EC8BA1D
x-azure-ref
20230712T081851Z-6h2p9g9r8h2wm8qz2us0d4c70c00000001hg000000022x5h
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
83da29b2-801e-004f-8017-b16d7d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
check_small_48540c930333871c385fcba2c659ccdb.svg
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
1009
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:46 GMT
Server
nginx
ETag
0x8DB5C3F48118378
x-azure-ref
20230712T081852Z-vzauspufet6m37vf2d2m3s0fgw00000003f0000000017s6b
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
d1baaf58-e01e-0021-3efb-b08d42000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
close_790189870c9543725dc3f5a15fb25e46.svg
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/
270 B
1 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0FlCuZAAAAABp8pCWNtfYRbSzBslw1MEaTU5aMjIxMDYwNjEyMDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
rp+/fadJKxLUo+jgFmYTeQ==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
190
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:46 GMT
Server
nginx
ETag
0x8DB5C3F4823AA6E
X-Azure-Ref
07GGuZAAAAAAYVdyqh1t/QL5qjx26EFdVTU5aMjIxMDYwNjEzMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
5d15ce42-d01e-0006-1007-b4cd7f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
X-Robots-Tag
none
oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/
186 KB
61 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msauth.net.office.o365rp2.betagro.myshn.net
URL: https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b74ba98946a88ca8b4b7a53a768096017a72df3f07e41868ee2cdcca93b4c597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
61112
x-ms-lease-status
unlocked
Last-Modified
Thu, 25 May 2023 17:22:47 GMT
Server
nginx
ETag
0x8DB5D44A8CEE4F4
x-azure-ref
20230712T081852Z-xrtbawphux775d6myq41ym4a5n00000003ag00000002ddze
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
8cb9e785-201e-002d-0ed9-b0795b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
check_small_48540c930333871c385fcba2c659ccdb.svg
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
Requested by
Host: aadcdn.msauth.net.office.o365rp2.betagro.myshn.net
URL: https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
1009
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:46 GMT
Server
nginx
ETag
0x8DB5C3F48118378
x-azure-ref
20230712T081852Z-6h2p9g9r8h2wm8qz2us0d4c70c00000001hg000000022x70
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
b23b4cfd-a01e-0019-6739-b2f442000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
close_790189870c9543725dc3f5a15fb25e46.svg
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/
270 B
1 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
Requested by
Host: aadcdn.msauth.net.office.o365rp2.betagro.myshn.net
URL: https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0FlCuZAAAAABp8pCWNtfYRbSzBslw1MEaTU5aMjIxMDYwNjEyMDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
rp+/fadJKxLUo+jgFmYTeQ==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
190
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:46 GMT
Server
nginx
ETag
0x8DB5C3F4823AA6E
X-Azure-Ref
07GGuZAAAAABIbLu2zqjdSqqs0SIBcRKFTU5aMjIxMDYwNjEzMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
5d15ce42-d01e-0006-1007-b4cd7f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
X-Robots-Tag
none
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:48 GMT
Server
nginx
ETag
0x8DB5C3F4911527F
x-azure-ref
20230712T081852Z-vzauspufet6m37vf2d2m3s0fgw00000003f0000000017s7b
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
04f74039-801e-000b-41fa-b01264000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/backgrounds/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
673
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:46 GMT
Server
nginx
ETag
0x8DB5C3F47E260FD
x-azure-ref
20230712T081852Z-6h2p9g9r8h2wm8qz2us0d4c70c00000001hg000000022x7u
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
232c5f2c-a01e-005d-0f33-b18b5b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
Accept-Ranges
bytes
X-Robots-Tag
none
convergederror_stringcustomizationhelper_859c3a1510e53419e111.js
aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/asyncchunk/
111 KB
36 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/asyncchunk/convergederror_stringcustomizationhelper_859c3a1510e53419e111.js
Requested by
Host: aadcdn.msauth.net.office.o365rp2.betagro.myshn.net
URL: https://aadcdn.msauth.net.office.o365rp2.betagro.myshn.net/shared/1.0/content/js/ConvergedError_Core_pfU6gziSk7YWB97ctDuWdg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.101.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-101-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
22e295f2043a23a3f04ffa4f9953086379dd4af01e20e854a5ec6a9283a96d46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.o365rp2.betagro.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Jul 2023 08:18:52 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
018mlZAAAAAC6Dnm2XppgTYOBPtWblVjRTU5aMjIxMDYwNjEyMDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
OPWky/NmJO63csHGqJ2t2Q==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
35808
x-ms-lease-status
unlocked
Last-Modified
Tue, 14 Feb 2023 22:22:19 GMT
Server
nginx
ETag
0x8DB0ED9EFDB1C7C
X-Azure-Ref
07GGuZAAAAACqwjEDdTImRZiTY9sFMZwJTU5aMjIxMDYwNjEzMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
cc067399-b01e-0054-0862-aff848000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=12, BuildDate=2023-06-12 07:13
X-Robots-Tag
none

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless (boolean)
  • onbeforetoggle (object)
  • onscrollend (object)
  • $Config (object)
  • $Debug (object)
  • $Do (object)
  • $Loader (function)
  • $WebWatson (object)
  • GetString (function)
  • GetErrorString (function)
  • GetUrl (function)
  • $B (object)
  • ServerData (object)
  • webpackJsonp (object)
  • ko (object)
  • PROOF (object)
  • StringRepository (object)
  • __ConvergedError_Core (boolean)
  • __ (boolean)
  • Telemetry (object)
  • telemetry_webpackJsonp (object)
  • __convergederror_customizationloader_b22f20662f830efc7a8f (boolean)
  • __convergederror_stringcustomizationhelper_859c3a1510e53419e111 (boolean)

5 Cookies

Domain/Path | Name | Value
login.microsoftonline.com.office.o365rp2.betagro.myshn.net/ | fpc | AmAX-5e-my1CgsPTkecWc4E
.login.microsoftonline.com.office.o365rp2.betagro.myshn.net/ | esctx | PAQABAAEAAAD--DLA3VO7QrddgJg7WevrbcnzaRPRfn64UBjHr1TYCwwd7Up3zUdA7Ub9DhsCtJOGtwEZ_y9wJsf0R165JIeUZtX2VKMUoHAcqEH8JzPbv8DF1XtmmavSLwQaoQHjC-IBce7HXnq25ztlXSrmXtfCEzGR5ybYaCDoYxWYGk7Q6lUd42X9fL9EY1Z7jsJ4rRIgAA
login.microsoftonline.com.office.o365rp2.betagro.myshn.net/ | x-ms-gateway-slice | estsfd
login.microsoftonline.com.office.o365rp2.betagro.myshn.net/ | stsservicecookie | estsfd
login.microsoftonline.com.office.o365rp2.betagro.myshn.net/ | MicrosoftApplicationsTelemetryDeviceId | b605aaa5-1b13-4d5c-a66a-7e3eb40c893d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0